bcourteaud
commented
4 years ago I confirm, version 3.2.0 of vue-msal doesn't work correctly with 1.3.3 of msla.js
Open tbaart435 opened 4 years ago
bcourteaud
commented
4 years ago I confirm, version 3.2.0 of vue-msal doesn't work correctly with 1.3.3 of msla.js
cqueinnec
commented
3 years ago Could you give more details on the versions of msal and vue-msal you managed to make work together? I'm also experiencing issues regarding token retrieving from cookies, as well as this guy. Thanks for your insights.
skrtech
commented
3 years ago We're experiencing this issue as well. Is there any plan to fix this in the near future?
Tiiinky
commented
3 years ago @tbaart435 @zalken I suppose you are using "cacheLocation": "sessionStorage"? Have you ever tried switching to "localStorage"?
cqueinnec
commented
3 years ago I've always been using cacheLocation: 'localStorage'.
Vue-msal always targets the latest version of msal, according to its package.json. We didn't know this, so to our surprise, in a new release, our authentication suddenly broke without us changing anything to the authentication. This happened when opening our app, closing the tab, and then opening the app in a new tab again. It would give an authentication error, but it wouldn't reauthenticate automatically.
Turns out that the newer version of msal changed quite a bit in how the cookies and storage caches its data. In a new tab, this causes an error of null_or_empty_id_token if you were already logged in. This is because msal recognizes the user is logged in (it can find the account and access token in the cookie), but it can't access the session storage, as that is unique to every tab. It throws a null_or_empty_id_token, because it tries to look for the id token in the session storage.
This error type is not in the list of "requiresInteraction", so it will just silently fail, and won't try to log back in. We aren't sure if the problem is that this error should also require interaction, or if the problem is that the app shouldn't think it is logged in when you open a new tab. In other words, we aren't sure if this problem is in msal itself, or in the "requiresInteraction" method.
We solved this by manually resolving an old version of msal, but (for our own reasons) we would really like to use the latest version of msal. Not sure if there's a way for us to temporarily get around this issue, or if we should just wait for this to be fixed. Regardless, we thought it was worth adding this issue here, because as it is now, the interaction between msal and vue-msal seems to be a factor in this issue, even if it turns out that the root of the problem is in msal itself.